Skip to main content
CVE-2021-27213 CRITICAL POC PATCH Act Now

config.py in pystemon before 2021-02-13 allows code execution via YAML deserialization because SafeLoader and safe_load are not used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Deserialization RCE Pystemon
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy